This is a multi-part message in MIME format.
Eric Girard wrote:
Here is the script I am using, there are modifications towards the
bottom, just above the TODO comment that Meng put in. I also changed
the the call to Mail::SPF::Query module to include the guess
functionality, which is just below the Plugin: SPF banner.
Awesome, that's great, thanks! Maybe Meng should incorporate that into
the actual script.
As for SRS, I've come up with a pair of very simple shell scripts which
appear to work (very light testing) with postfix.
To use:
- Put them both somewhere you'll remember
- Install the Mail::SRS module from CPAN and say "yes" to the 'srs'
executable question
- Edit the "Settings" section in my scripts, and make sure the paths and
settings are right for you, especially the 'delim' variable which MUST
be the same as postfix's recipient_delimiter variable.
- Set up an alias in your postfix $alias_maps or $alias_database as follows:
SRS0 /path/to/srs-translate.sh
- Change any .forward files from:
email(_dot_)address(_at_)host(_dot_)com
to:
| "/path/to/srs-forward.sh email(_dot_)address(_at_)host(_dot_)com"
- Restart postfix
I think that should do it. The 'srs-forward.sh' script takes the SENDER
environment variable, SRS's it, then sends the msg on stdin using
sendmail to the recipients provided on the commandline. The
'srs-translate.sh' receives any mail for SRS0, un-SRS's the RECIPIENT to
the original address, then sends it to $SENDER using sendmail.
Note again, that this is a quick hack and may not work at all, though it
seems to work for me. I don't know if I'd trust it at a high-traffic
site without deeper testing.
One TODO: Maybe the 'srs-translate.sh' program should rewrite the "to"
message header as well, right now it only affects the 'RCPT TO' envelope
information. This works to send bounces back to the original sender,
but it may look funny to the final recipient once they get it.
This would work better if postfix had some facility for dynamic
sender-rewriting. If only the virtual(5) alias definition would let me
pipe an address through a program for translation...
--
Jim Ramsay
"Me fail English? That's unpossible!"
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com#!/bin/sh
#
# Un-forwards an SRS-bounce message to the proper recipient
#
# Copyright (c) 2004 Jim Ramsay <i(_dot_)am(_at_)jimramsay(_dot_)com>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
# Usage:
# ------
#
# This is designed to be called by postfix's local(8) delivery program.
# For example, I use the following alias in my alias_maps to make it work:
#
# SRS0 |/path/to/srs-translate.sh
#
# Requires:
# ---------
#
# Depends on the 'srs' executable which is distributed with the perl
# Mail::srs module by Shevek, available on CPAN.
#
########################################################################
# Settings:
# - The postfix recipient_delimiter:
delim='-'
# - The location of the 'srs' program (comes with Mail::srs)
srsApp="/usr/bin/srs"
# - The secret parameter for 'srs' (see `srs --help` for more info)
secret="--secretfile=/etc/mail/srs/secret"
# - The path to the sendmail executable:
sendmail="/usr/sbin/sendmail"
########################################################################
# Advanced Settings:
# - The commandline to run to convert the address
srs="$srsApp --reverse --separator=$delim $secret"
# - In postfix, the untranslated address is in RECIPIENT
raw_address=$RECIPIENT
########################################################################
# Program:
# Perform the translation
good_address=`$srs $raw_address`
if [ $? != 0 ]; then
# SRS Rewrite failed for some reason
exit 67
fi
# Rewrite was successful - send it on:
exec $sendmail -f "$SENDER" $good_address
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
#!/bin/sh
#
# Forwards an email, rewriting the sender using SRS.
#
# Copyright (c) 2004 Jim Ramsay <i(_dot_)am(_at_)jimramsay(_dot_)com>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
# Usage:
# ------
#
# srs-forward recipient_list
#
# This should be called from a postfix .forward file
#
# Instead of:
# & mail(_at_)otherserver(_dot_)com
# Put:
# ! /path/to/srs-forward mail(_at_)otherserver(_dot_)com
#
# Requires:
# ---------
#
# Depends on the 'srs' executable which is distributed with the perl
# Mail::srs module by Shevek, available on CPAN.
#
########################################################################
# Settings:
# - The postfix recipient_delimiter:
delim='-'
# - The location of the 'srs' program (comes with Mail::srs)
srsApp="/usr/bin/srs"
# - The secret parameter for 'srs' (see `srs --help` for more info)
secret="--secretfile=/etc/mail/srs/secret"
# - The path to the sendmail executable:
sendmail="/usr/sbin/sendmail"
# - The hostname to appear on the right-hand side of the @ in the final result
aliasHost=`hostname`
########################################################################
# Advanced Settings:
# - The commandline to translate the address
srs="$srsApp --forward --separator=$delim --alias=$aliasHost $secret"
# - In postfix, the untranslated address is in SENDER
raw_address=$SENDER
########################################################################
# Program:
# Ensure we have at least one recipient
if [ $# == 0 ]; then
basename=`basename $0`
echo "Usage:"
echo " $basename recpipent_list"
exit 1
fi
# Perform the translation
good_address=`$srs $raw_address`
if [ $? != 0 ]; then
# SRS Rewrite failed for some reason
exit 67
fi
# Rewrite was successful - send it on:
exec $sendmail -f $good_address "$@"